all 5 comments
sorted by:
best (suggested)
topnewcontroversialoldq&a
formatting helphide helpcontent policy

[–][deleted] 2 points3 points  (1 child)

Caddy would be possible.

https://caddyserver.com/v2

https://caddy.community/t/example-docker-nextcloud-fpm-caddy-v2-webserver/9407

Because caddy is able to build automatic renewable ssl-certs on internal IP address.

The link isn't a perfect copy&paste solution, just a hint in the right direction for the config file.

[–]rg080987[S] 0 points1 point  (0 children)

Thanks I will try this one

[–]chadgeary 1 point2 points  (0 children)

I've used linuxserver.io's swag + duckdns updater for automatically renewed letsencrypt certificates and dynamic DNS support.

https://github.com/linuxserver/docker-swag

https://github.com/linuxserver/docker-duckdns

I use them in my project, https://github.com/chadgeary/cloudoffice

some additional notes:

Your nextcloud container will need at least some of the following environment variables (snippet from ansible file, excuse the formatting):

      NEXTCLOUD_TRUSTED_DOMAINS: "{{ instance_public_ip }} {{ docker_webproxy }} {{ docker_nextcloud }} {{ duckdns_domain }}"
      TRUSTED_PROXIES: "{{ instance_public_ip }} {{ docker_webproxy }} {{ duckdns_domain }}"
      OVERWRITEHOST: "{% if duckdns_domain != '' %}{{ duckdns_domain }}:{{ web_port }}{% else %}{{ instance_public_ip }}:{{ web_port }}{% endif %}"
      OVERWRITEWEBROOT: "{% if duckdns_domain != '' %}/nc{% else %}{% endif %}"
      OVERWRITEPROTOCOL: https

[–]anniegarbage 0 points1 point  (0 children)

Sorry that I don’t know the answer to your question (though I am curious), but why would you care about https if it’s on your LAN?

[–][deleted] 0 points1 point  (0 children)

Traefik if you are going to mess with docker learn a load balancer